package com.atguigu.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.atguigu.realm.MyRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.RememberMeManager;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class ShiroConfig {
    @Autowired
    private MyRealm myRealm;

    @Bean
    //配置SecurityManager
    public DefaultWebSecurityManager defaultWebSecurityManager(){
        //1.创建defaultWebSecurityManager对象
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //2.创建加密对象，设置相关属性
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        //2.1采用MD5加密
        matcher.setHashAlgorithmName("md5");
        //2.2采用的迭代加密的次数
        matcher.setHashIterations(3);
        //3.将加密对象存储到MyRealm中
        myRealm.setCredentialsMatcher(matcher);
        //4.将MyRealm存入defaultWebSecurityManager中
        defaultWebSecurityManager.setRealm(myRealm);
        //设置remember me
        defaultWebSecurityManager.setRememberMeManager(rememberMeManager());
        //5.返回
        return defaultWebSecurityManager;


        /*多个realm代码实现
         //1创建defaultwebsecurityManager对象
        DefaultWebSecurityManager.defaultWebSecurityManager=new DefaultWebSecurityManager();
        //2创建认证对象，并设置认证策略
        ModularRealmAuthenticator.modularRealmAuthenticator = new ModularRealmAuthenticator();
        modularRealmAuthenticator.setAuthenticationStrategy(new AllSuccessfulStrategy());
        defaultWebSecurityManager.setAuthenticator(modularRealmAuthenticator);
        //3封装myReaLm集合
        List<Realm> list = new ArrayList<>();
        list.add(myRealm);
        list.add(myRealm2);
        //4.将myReaLm存入defaultWebSecurityManager对象
        defaultWebSecurityManager. setRealms(list);
        //5.返回
        return defaultWebSecurityManager;
         */
    }

    //cookie属性设置
    public SimpleCookie rememberMeCookie(){
        SimpleCookie cookie = new SimpleCookie( "rememberMe");
        //设置跨域
        //cookie.setDomain( domain);
        cookie.setPath("/");
        cookie.setHttpOnly(true);
        cookie.setMaxAge(30*24*60*60);
        return cookie;
    }
    //创建Shiro的cookie管理对象
    public CookieRememberMeManager rememberMeManager(){
        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
        cookieRememberMeManager.setCookie( rememberMeCookie());
        cookieRememberMeManager.setCipherKey("1234567890987654".getBytes());
        return cookieRememberMeManager;
    }




    //配置shiro内置过滤器拦截范围
    @Bean//之前报网页无法正常运作是因为这里没有加bean注解加入到容器中
    public DefaultShiroFilterChainDefinition  shiroFilterChainDefinition(){
        DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
        //设置不认证可以访问的资源
        definition.addPathDefinition(  "/myController/userLogin", "anon");
        definition.addPathDefinition( "/login","anon" );
        //设置登出过滤器
        definition.addPathDefinition( "/logout", "logout");
        //设置需要进行登录认证的拦截范围
        definition.addPathDefinition( "/**", "authc");
        //添加存在用户的过滤器(rememberMe )
        definition.addPathDefinition( "/**","user" );
        return definition;
    }

    // 整合ShiroDialect： 用来整合 Shiro thymeleaf 这样在前端页面就能用上shiro方言
    @Bean//放在spring容器里面
    public ShiroDialect getShiroDialect() {
        return new ShiroDialect();
    }


}
